Appl. No. 09/998,893 PATENT 
Amdt. dated June 5, 2008 
Amendment under 37 CFR 1.114 
Request for Continued Examination 

Amendments to the Claims: 

Please cancel claims 3-6, 18, 19, 29, 30, 40, 45, and 50 without prejudice or 
disclaimer. This listing of claims will replace all prior versions, and listings, of claims in the 
application: 

Listing of Claims: 

1 . (Currently Amended) A method comprising: 

receiving at an Identity System a request for a first certificate related action for a 
first user wherein the first certificate related action is selected from a group consisting of a 
certificate enrollment action, a certificate renewal action, and a certificate revocation action; and 

retrieving by the Identity System a first workflow for responding to said request 
from a set of workflows, wherein said set of workflows includes a plurality of workflows for 
responding to said requests for certificate related action actions , wherein each workflow in said 
plurality of workflows corresponds to a different set of characteristics for a user, wherein the first 
workflow contains a first set of directives and a second workflow in said plurality of workflows 
contains a second set of directives, wherein said first set of directives is different from said 
second set of directives, wherein said first workflow calls for obtaining an approval before 
performing a certificate related action, wherein said second workflow does not call for obtaining 
an approval before performing a certificate related action, wherein said first w orkflow for 
responding to said request corresponds to said first certificate related action and a set of 
characteristics for said first user from an identity profile for the first user maintained by the 
Identity System, the set of characteristics for the first user including a user type for the first user , 
and wherein retrieving the first workflow further comprises selecting the first workflow from the 
plurality of workflows based on the requested first certificate related action and the user type of 
the first user . 

2. (Canceled) 
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3. (Canceled) 

4. (Canceled) 

5. (Canceled) 

6. (Canceled) 

7. (Currently Amended) The method of claim [[3]] I, further comprising: 
receiving said plurality of workflows. 

8. (Currently Amended) The method of claim 1, further comprising: 
performing said first workflow, wherein performing said first workflow 

comprises: 

retrieving an approval response; and 
obtaining a certificate. 

9. (Currently Amended) The method of claim 8, further comprising: 
receiving a second request for a second certificate related action for a second user 

wherein the second certificate related action is selected from a group consisting of a certificate 
enrollment action, a certificate renewal action, and a certificate revocation action ; 

retrieving [[a]] the second workflow for responding to said second request from 
said set plurality of workflows, wherein said second workflow corresponds to said second 
certificate related action and a set of characteristics for said second use r from an identity profile 
for the second user maintained by the Identity System, the set of characteristics including a user 
type for the second user, and wherein retrieving the second workflow further comprises selecting 
the second workflow from the plurality of workflows based on the second certificate related 
action and the user type of the second user ; and 

performing said second workflow, wherein performing said second workflow 

comprises: 

obtaining a second certificate without retrieving an approval response. 
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10. (Currently Amended) The method of claim 9, wherein said first certificate 
related action is a certificate enrollment action and said second certificate related action is a 
certificate enrollment action. 

1 1 . (Currently Amended) The method of claim 9, wherein said first certificate 
related action is a certificate renewal action and said second certificate related action is a 
certificate renewal action. 

12. (Currently Amended) The method of claim 1, further comprising: 
performing said first workfiow, wherein said first certificate related action is a 

certificate enrollment action and wherein performing said first workfiow comprises: 

obtaining a certificate, wherein obtaining the certificate comprises 
authenticating said first user; 

forwarding said request to a Certificate Processing Server; 
receiving said certificate; and 
storing said certificate. 

13. (Currently Amended) The method of claim 1, further comprising: 
performing said first workfiow, wherein said first certificate related action is a 

certificate renewal action and wherein performing said first workfiow comprises: 

obtaining a certificate renewal, wherein obtaining the certificate renewal 

comprises: 

authenticating said first user; 

forwarding said request to a Certificate Processing Server; 
receiving a certificate renewal acknowledgement. 

14. (Currently Amended) The method of claim 1, further comprising: 
performing said first workfiow, wherein said first certificate related action is a 

certificate revocation action and wherein performing said first workfiow comprises: 

revoking a certificate, wherein revoking the certificate comprises: 
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authenticating said first user; and 



PATENT 



forwarding said request to a Certificate Processing Server. 

15. (Canceled) 

16. (Currently Amended) One or more processor readable storage devices 
having processor readable code embodied on said processor readable storage devices, said 
processor readable code for programming one or more processors to perform a method 
comprising: 

receiving at an Identity System a request for a first certificate related action for a 
first user wherein the first certificate related action is selected from a group consisting of a 
certificate enrollment action, a certificate renewal action, and a certificate revocation action; and 

retrieving by the Identity System a first workflow for responding to said request 
from a set of workflows, wherein said set of workflows includes a plurality of workflows for 
responding to said requests for certificate related action actions , wherein each workflow in said 
plurality of workflows corresponds to a different set of characteristics for a use r, wherein the first 
workflow contains a flrst set of directives and a second workflow in said plurality of workflows 
contains a second set of directives, wherein said flrst set of directives is different from said 
second set of directives, wherein said flrst workflow calls for obtaining an approval before 
performing a certificate related action, wherein said second workfiow does not call for obtaining 
an approval before performing a certificate related action, wherein said first w orkfiow for 
responding to said request corresponds to said flrst certificate related action and a set of 
characteristics for said flrst user from an identity proflle for the first user maintained by the 
Identity System, the set of characteristics for the first user including a user type for the first user , 
and wherein retrieving the first workflow further comprises selecting the first workfiow from the 
plurality of workflows based on the requested first certificate related action and the user type of 
the flrst user . 

17. (Canceled) 
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18. (Canceled) 

19. (Canceled) 

20. (Currently Amended) One or more processor readable storage devices 
according to claim 18 16, wherein said method further comprises: 

receiving said plurality of workflows. 

21 . (Currently Amended) One or more processor readable storage devices 
according to claim 16, wherein said method further comprises: 

performing said first workflow, wherein performing said flrst workflow 

comprises: 

retrieving an approval response; and 
obtaining a certiflcate; 

receiving a second request for a second certiflcate related action for a second user 
wherein the second certiflcate related action is selected from a group consisting of a certiflcate 
enrollment action, a certiflcate renewal action, and a certiflcate revocation action ; 

retrieving [[a]] the second workflow for responding to said second request from 
said set plurality of workflows, wherein said second workflow corresponds to said second 
certiflcate related action and a set of characteristics for said second use r from an identity proflle 
for the second user maintained by the Identity System, the set of characteristics including a user 
type for the second user, and wherein retrieving the second workflow further comprises selecting 
the second workflow from the plurality of workflows based on the second certiflcate related 
action and the user type of the second user ; and 

performing said second workflow, wherein performing said second workflow 

comprises: 

obtaining a second certiflcate without retrieving an approval response. 
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22. (Currently Amended) One or more processor readable storage devices 
according to claim 21, wherein said first certificate related action is a certificate enrollment 
action and said second certificate related action is a certificate enrollment action. 

23. (Currently Amended) One or more processor readable storage devices 
according to claim 16, wherein said method further comprises: 

performing said first workflow, wherein said first certificate related action is a 
certificate enrollment action and wherein performing said first workflow comprises: 

obtaining a certificate, wherein obtaining the certificate comprises: 
authenticating said first user; 

forwarding said request to a Certificate Processing Server; 
receiving said certificate; and 
storing said certificate. 

24. (Currently Amended) One or more processor readable storage devices 
according to claim 16, wherein said method further comprises: 

performing said first workflow, wherein said first certificate related action is a 
certificate renewal action and wherein performing said first workflow comprises: 

obtaining a certificate, wherein obtaining the certificate comprises 
authenticating said first user; 

forwarding said request to a Certificate Processing Server; and 
receiving a certificate renewal acknowledgement. 

25. (Currently Amended) One or more processor readable storage devices 
according to claim 16, wherein said method further comprises: 

performing said first workflow, wherein said first certificate related action is a 
certificate revocation action and wherein performing said first workflow comprises: 

revoking a certificate, wherein revoking the certificate comprises: 
authenticating said first user; and 
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forwarding said request to a Certificate Processing Server. 

26. (Canceled) 

27. (Currently Amended) An apparatus comprising: 
one or more communications interfaces; 

one or more storage devices; and 

one or more processors in communication with said one or more storage devices 
and said one or more communication interfaces, said one or more processors perform a method 
comprising: 

receiving at an Identity System a request for a first certificate related action for a 
first user wherein the first certificate related action is selected from a group consisting of a 
certificate enrollment action, a certificate renewal action, and a certificate revocation action; and 

retrieving by the Identity System a first workflow for responding to said request 
from a set of worlcflows, wherein said set of worlcflows includes a plurality of workflows for 
responding to said requests for certificate related action actions , wherein each workflow in said 
plurality of workflows corresponds to a different set of characteristics for a use r, wherein the first 
workflow contains a flrst set of directives and a second workflow in said plurality of workflows 
contains a second set of directives, wherein said flrst set of directives is different from said 
second set of directives, wherein said flrst workflow calls for obtaining an approval before 
performing a certificate related action, wherein said second workfiow does not call for obtaining 
an approval before performing a certificate related action, wherein said first w orkfiow for 
responding to said request corresponds to said flrst certificate related action and a set of 
characteristics for said flrst user from an identity proflle for the first user maintained by the 
Identity System, the set of characteristics for the first user including a user type for the first user , 
and wherein retrieving the first workflow further comprises selecting the first workfiow from the 
plurality of workflows based on the requested first certificate related action and the user type of 
the flrst user . 
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28. (Canceled) 

29. (Canceled) 

30. (Canceled) 

3 1 . (Currently Amended) The apparatus of claim 29 27, wherein said method 
further comprises: 

receiving said plurality of workflows. 

32. (Currently Amended) The apparatus of claim 27, wherein said method 
further comprises: 

performing said first workflow, wherein performing said flrst workflow 

comprises: 

retrieving an approval response; and 
obtaining a certiflcate; 

receiving a second request for a second certiflcate related action for a second user 
wherein the second certiflcate related action is selected from a group consisting of a certiflcate 
enrollment action, a certiflcate renewal action, and a certiflcate revocation action ; 

retrieving [[a]] the second workflow for responding to said second request from 
said set plurality of workflows, wherein said second workflow corresponds to said second 
certiflcate related action and a set of characteristics for said second use r from an identity proflle 
for the second user maintained by the Identity System, the set of characteristics including a user 
type for the second user, and wherein retrieving the second workflow further comprises selecting 
the second workflow from the plurality of workflows based on the second certiflcate related 
action and the user type of the second user ; and 

performing said second workflow, wherein performing said second workflow 

comprises: 

obtaining a second certiflcate without retrieving an approval response. 
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33. (Currently Amended) The apparatus of claim 32, wherein said first 
certificate related action is a certificate enrollment action and said second certificate related 
action is a certificate enrollment action. 

34. (Currently Amended) The apparatus of claim 27, wherein said method 
further comprises: 

performing said first workflow, wherein said first certificate related action is a 
certificate enrollment action and wherein performing said first workflow comprises: 

obtaining a certificate, wherein obtaining the certificate comprises: 
authenticating said first user; 

forwarding said request to a Certificate Processing Server; 
receiving said certificate; and 
storing said certificate. 

35. (Currently Amended) The apparatus of claim 27, wherein said method 
further comprises: 

performing said first workflow, wherein said first certificate related action is a 
certificate renewal action and wherein performing said first workflow comprises: 

obtaining a certificate, wherein obtaining the certificate comprises: 
authenticating said first user; 

forwarding said request to a Certificate Processing Server; and 
receiving a certificate renewal acknowledgement. 

36. (Currently Amended) The apparatus of claim 27, wherein said method 
further comprises: 

performing said first workflow, wherein said first certificate related action is a 
certificate revocation action and wherein performing said first workflow comprises: 

revoking a certificate, wherein revoking the certificate comprises: 
authenticating said first user; and 
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forwarding said request to a Certificate Processing Server. 

37. (Canceled) 

38. (Currently Amended) A method comprising: 

receiving a first r equest for a first certificate related action for a first user; and 
retrieving a first workflow for responding to said first request from a set plurality 

of workflows, 

wherein said first workflow corresponds to said first certiflcate related 
action and a set of characteristics for said first user, 

wherein said set of workflows includes a plurality of workflows for 
responding to said certificate related action, 

wherein each workflow in said plurality of workflows corresponds to a 
different set of characteristics for a user, 

wherein said first workflow calls for obtaining an approval before 
performing a certificate related action, 

wherein a second workfiow of the plurality of workfiows does not call for 
obtaining an approval before performing a certificate related action, and 

wherein retrieving the first w orkfiow for responding to said first request 
further comprises selecting the first workfiow from the plurality of workfiows based on the 
requested first certificate related action and a user type of the first user; 

performing said first workfiow, wherein performing said first workfiow comprises 
retrieving an approval response and obtaining a certificate; 

receiving a second request for a second certificate related action for a second user; 
retrieving a second workflow for responding to said second request from said 
plurality of workflows, wherein said second workflow corresponds to said second certificate 
related action and a user type of said second user; and 

performing said second workflow, wherein performing said second workfiow 
comprises obtaining a second certificate without retrieving an approval response . 
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39. (Previously Presented) The method of claim 38, further comprising: 
receiving said plurality of workflows. 

40. (Canceled) 

4 1 . (Currently Amended) The method of claim 40 38, wherein said first 
certificate related action and said second certificate related action call for the same certificate 
related action. 

42. (Currently Amended) The method of claim 40 38, wherein receiving the 
request, retrieving the workflow, performing the workflow, receiving the second request, 
retrieving the second workflow, and performing the second workflow are performed by an 
Identity System in communication with an Access System. 

43. (Currently Amended) One or more processor readable storage devices 
having processor readable code embodied on said processor readable storage devices, said 
processor readable code for programming one or more processors to perform a method 
comprising: 

receiving a first r equest for a first certificate related action for a first user; and 
retrieving a first workflow for responding to said first request from a set plurality 

of workflows, 

wherein said first workflow corresponds to said first certificate related 
action and a set of characteristics for said first user, 

wherein said set of workflows includes a plurality of workflows for 
responding to said certificate related action, 

wherein each workflow in said plurality of workflows corresponds to a 
different set of characteristics for a user, 

wherein said first workflow calls for obtaining an approval before 
performing a certificate related action. 
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wherein a second workflow of the plurality of workflows does not call for 
obtaining an approval before performing a certificate related action, and 

wherein retrieving the first w orkflow for responding to said first request 
further comprises selecting the first workflow from the plurality of workflows based on the 
requested flrst certiflcate related action and a user type of the flrst user; 

performing said flrst workflow, wherein performing said flrst workflow comprises 
retrieving an approval response and obtaining a certiflcate; 

receiving a second request for a second certificate related action for a second user; 

retrieving a second workfiow for responding to said second request from said 
plurality of workfiows, wherein said second workflow corresponds to said second certiflcate 
related action and a user type of said second user; and 

performing said second workfiow, wherein performing said second workflow 
comprises obtaining a second certificate without retrieving an approval response . 

44. (Previously Presented) One or more processor readable storage devices 
according to claim 43, wherein said method further comprises: 

receiving said plurality of workflows. 

45. (Canceled) 

46. (Currently Amended) One or more processor readable storage devices 
according to claim 44 43, wherein said first certificate related action and said second certificate 
related action call for the same certificate related action. 

47. (Currently Amended) One or more processor readable storage devices 
according to claim 44 43, wherein receiving the request, retrieving the workflow, performing the 
workfiow, receiving the second request, retrieving the second workfiow, and performing the 
second workflow are performed by an Identity System in communication with an Access 
System. 
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48. (Currently Amended) An apparatus comprising: 
one or more communications interfaces; 
one or more storage devices; and 

one or more processors in communication with said one or more storage devices 
and said one or more communication interfaces, said one or more processors perform a method 
comprising: 

receiving a first r equest for a first certificate related action for a first user; and 
retrieving a first workflow for responding to said first request from a set plurality 

of workflows, 

wherein said first workflow corresponds to said first certiflcate related 
action and a set of characteristics for said first user, 

wherein said set of workflows includes a plurality of workflows for 
responding to said certificate related action, 

wherein each workflow in said plurality of workflows corresponds to a 
different set of characteristics for a user, 

wherein said flrst workflow calls for obtaining an approval before 
performing a certificate related action, 

wherein a second workfiow of the plurality of workfiows does not call for 
obtaining an approval before performing a certiflcate related action, and 

wherein retrieving the first w orkflow for responding to said flrst request 
further comprises selecting the flrst workflow from the plurality of workflows based on the 
requested first certificate related action and a user type of the first user; 

performing said first workfiow, wherein performing said first workfiow comprises 
retrieving an approval response and obtaining a certificate; 

receiving a second request for a second certiflcate related action for a second user; 
retrieving a second workflow for responding to said second request from said 
plurality of workflows, wherein said second workflow corresponds to said second certificate 
related action and a user type of said second user; and 
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performing said second workflow, wherein performing said second workflow 
comprises obtaining a second certificate without retrieving an approval response . 

49. (Previously Presented) The apparatus of claim 48, wherein said method 
further comprises: 

receiving said plurality of workflows. 

50. (Canceled) 

5 1 . (Currently Amended) The apparatus of claim -50 48, wherein said first 
certificate related action and said second certificate related action call for the same certificate 
related action. 

52. (Currently Amended) The apparatus of claim -50 48, wherein receiving the 
request, retrieving the workfiow, performing the workfiow, receiving the second request, 
retrieving the second workflow, and performing the second workflow are performed by an 
Identity System in communication with an Access System. 

Please add the following new claims: 

53. (New) The method of claim 8, wherein obtaining an approval response 
comprises applying a Lightweight Directory Access Protocol (LDAP) fliter to attributes of the 
identity proflle for the flrst user. 
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